CVE-2026-53076
The CVE covers a Linux kernel BPF issue: an out-of-bounds read in pcpu_init_value when copying data between BPF_MAP_TYPE_CGROUP_STORAGE and a pcpu map with the same value_size that is not 8-byte aligned. The verifier reads the source size exactly, but the copy path sometimes rounds up to 8 bytes ...